This course introduces the basics of cyber defense starting with foundational models such as Bell-LaPadula and information flow frameworks. These underlying policy enforcement mechanisms help introduce basic functional protections, starting with authentication methods. Learners will be introduced to a series of different authentication solutions and protocols, including RSA SecurID and Kerberos, in the context of a canonical schema.
The basics of cryptography are also introduced with attention to conventional block ciphers as well as public key cryptography. Important cryptographic techniques such as cipher block chaining and triple-DES are explained. Modern certification authority-based cryptographic support is also discussed and shown to provide a basis for secure e-commerce using Secure Sockets Layer (SSL) schemes.

Instructors

Dr. Edward G. Amoroso

Video transcript

Hi, folks, Ed Amoroso here. And in this video, we're going to spend some time on a topic called safeguard, cybersecurity safeguards. Now a lot of people like to assign a meaning to safeguards. It's kind of a preventative thing, stopping things before they can happen. A lot of times, you'll see a term like counter-measure used to describe something you do after an attack has already come in. We're not going to waste a lot of time in the semantics. I think way too many words in cybersecurity. So what we're going to do, is we're going to focus on this term safeguard, as really the security, the defense that you follow to reduce risk. In previous videos, we spent a lot of time on risk management, so we'll get into that. But it turns out there's three different ways that you can employ a safeguard to actually reduce risk. Let's go through them.

So the first is a functional safeguard, and we're going to spend a ton of time on this. That's your firewalls, cryptography, intrusion detection, anti-malware, behavior analytics, all the different functional computing, controls, protocol, systems, real sort of tangible hardware software. That's where they reside, we'll call those functional safeguards.

A second type is a procedural safeguard. That's where we get all people together and we say hey, here's how we are going to behave. These are the administrative procedures we're going to follow. These are our configuration procedures we're going to follow. These are, as users, this is how we're going to behave. We're going to all promise not to click on things that look like this, and promise never to save things this way. It's these procedural things that sometimes are hard to enforce. But a lot of times, we have no choice, right? So functional and procedural, if you had your choice, you'd have everything be functional. And you tell everybody you can do whatever you want, you can't possibly cause problems, but you know that's not the way it works.
So sometimes we have to follow procedural mechanisms, or controls, or step by step administrative agreements to do some sort of risk mitigation, and we'll see a couple of those as we go through. So procedural or administrative safeguards would be a second category.

Third category is policy, and this is a funny one because it comes in a lot of different shapes. Like sometimes it might be some rule that, if violated, has consequence, like [LAUGH] say hey, everybody, you do something bad here, and you're going to get fired, for example. So is that functional? No. Is it procedural? No, but there are consequences. Yes, so these policies that we set up sometimes do reduce risk.

You might recall in a previous video, in a previous course, I showed you a soda machine and we broke into the soda machine. And we all came to the conclusion that one of the more powerful solutions is just to tape something on the machine. And say, hey, listen, you better stop breaking into this machine because if you do and we catch you, you're going to be in a lot of trouble. That's not a functional control and that's not the procedure. In fact, it's one of the things that's so unique about cybersecurity. And as a practical cybersecurity engineer, you have to keep in mind that unlike other branches of engineering, sometimes just with a policy, we can be more effective than a functional control.

I'll give you an example, and we'll spend some more time on this later but take deception, for example. Suppose, I have some function that actually is a trap, that if you fall into the trap, you get caught and you get in a lot of trouble, so it catches hackers. And I have functional mechanisms I put in place, and I put them all over the place, it's almost like minefields. Well, an alternative to that would be to just tell everyone that you have a trap, and that you have these minefields that'll catch hackers. That your policy is that it's okay to do that.
Now, the interesting thing is, that may be just as effective as really putting the functional controls in place, do you follow? If you think they're there, I may be affecting your behavior. So having policies sometimes complements procedures and functions.

So again, the three primary components, and they work together, functional, procedural, and policy. We're going to spend time through the entire course here going through those. So I hope this is useful to you, and I hope you'll spend time thinking through as we go through the course. Thanks.